Skip to content
Related Articles

Related Articles

Improve Article

PwnXSS – Automated XSS Vulnerability Scanner Tool in Kali Linux

  • Last Updated : 20 Apr, 2021

PwnXSS is a free and open-source tool available on Github. This tool is specially designed to find cross-site scripting. This tool is written in python. You must have python 3.7 installed in your Kali Linux. There are lots of websites on the internet which are vulnerable to cross-site scripting(XSS). This tool makes finding cross-site scripting easy. This tool works as a scanner. The Internet has millions of websites and web apps a question comes into mind whether your website is safe or not. Security of our websites plays an important role. Cross-site scripting or XSS is a vulnerability that can be used to hack websites. This tool helps to find such vulnerability easily.

PwnXSS -An Automated XSS Vulnerability Scanner Tool In Kali Linux

Features of PwnXSS:

  • PwnXSS is a multiprocessing support tool,.
  • PwnXSS is a customizable tool, You can customize it.
  • PwnXSS supports all types of request POST and GET.
  • PwnXSS has a feature of error handling. If any error occurred during scanning it can handle easily.
  • PwnXSS is free and open source tool.
  • PwnXSS is written in python language.

Uses of PwnXSS:

  • PwnXSS is used to find cross-site scripting vulnerability in websites and webapps.
  • It’s an open-source tool just download it and run it to find cross-site scripting vulnerability.
  • This tool is available on GitHub install and starts scanning websites.
  • PwnXSS makes it easy to scan websites for xss.
  • This tool works like a scanner.

Installation of PwnXSS tool in Kali Linux:

Step 1: Open your Kali Linux terminal and move to Desktop using the following command. 



cd Desktop

PwnXSS -An Automated XSS Vulnerability Scanner Tool In Kali Linux

Step 2: You are on Desktop now create a new directory called pwnxss using the following command. In this directory installation of the pwnxss tool will be done.

mkdir pwnxss

Step 3: Now move to this directory using the following command.

cd pwnxss

Step 4: You have to install the first basic requirement using the following command.

pip3 install bs4

PwnXSS -An Automated XSS Vulnerability Scanner Tool In Kali Linux

Step 5: You have to install the second basic requirement using the following command.



pip3 install requests

Step 6: Now you have to install the tool. This means you have to clone the tool from github using the following command.

git clone https://github.com/pwn0sec/PwnXSS

PwnXSS -An Automated XSS Vulnerability Scanner Tool In Kali Linux

Step 7: The tool has been downloaded in the pwnxss directory. To list out the contents of the tool use the following command.

ls

Step 8: You can see that a new directory of the pwnxss tool has been generated while we were downloading the tool. Move to this directory using the following command.

cd PwnXSS

Step 9: To list out the content of the tool use the following command.

ls

PwnXSS -An Automated XSS Vulnerability Scanner Tool In Kali Linux

Step 10: You can see different files of the tool here. Now you have to give permission to the tool using the following command.



chmod 755 -R PwnXSS

Step 11: Use the following command is used to see the help index of the tool.

python3 pwnxss.py --help 

The tool has been downloaded successfully using this tool you can easily check the cross-site scripting vulnerabilities of the websites and webapps. Now here are some examples to use the PwnXSS tool.

Example: python3 pwnxss.py -u http://testphp.vulnweb.com

python3 pwnxss.py -u http://testphp.vulnweb.com

The tool has started checking cross-site scripting vulnerability. These are the vulnerability that the tool has detected. The tool keeps checking the website again and again when found a vulnerable website it will show you on the terminal.

My Personal Notes arrow_drop_up
Recommended Articles
Page :